[Secure-testing-team] Etch security bug hunting season opened
jmm at inutil.org
Mon Aug 14 19:12:54 UTC 2006
I started to raise severities of several security bugs. Unfortunately
many maintainers only care for these :-/
Please also file bugs for code duplication (embedding a copy) and
package duplication (needlessly introducing multiple versions in
a stable release), with at least severity important and keep me
posted. We really need to have Etch is a better security maintainability
than the current Sarge situation.
And please also have an eye for packages, which are too buggy to
release security-wise. Crap like oftpd, elog or mantis should never
have entered the archive at the first glance.
More information about the Secure-testing-team